我尝试使用 java 在 CentOS 7 中构建一个 Snort GUI,但存在 linux 不允许 java 程序访问系统目录的问题。有没有办法制作java访问系统库?
一些命令发送者.class:
import java.io.IOException;
public class commandSender {
public static String snortLocal="/usr/sbin/";
public static String rulesLocal="/etc/snort/rules/local.rules";
public static String logLocal="/var/log/snort/";
public static String ethDevice="enp0s25";
public static String configLocal="/etc/snort/snort.conf";
public static void makeComm(int option) throws IOException, InterruptedException{
if(option==1){
String local=getSnortLocal();
String comm=checkSnort();
Controller.exec(sendComm(local, comm));
}
else if(option==2){
String local=getSnortLocal();
String comm=startSnort();
Controller.exec(sendComm(local, comm));
}
else if(option==3){
SettingGUI.setting();
String local=getSnortLocal();
String comm=startSnortNIDS();
Controller.exec(sendComm(local, comm));
}
else if(option==4){
//kill
}
else if(option==5){
String local=getSnortLocal();
String comm=showVersion();
Controller.exec(sendComm(local, comm));
}
}
public static String getLogLocal() {
return logLocal;
}
public static void setLogLocal(String logLocal) {
commandSender.logLocal = logLocal;
}
public static String[] sendComm(String local, String comm){
String[] commmand={local, comm};
return commmand;
}
public static String checkSnort(){
configLocal=getConfigLocal();
String checkSnort="snort -T -c "+rulesLocal;
return checkSnort;
}
public static String startSnort(){
configLocal=getConfigLocal();
ethDevice=getEthDevice();
String startRules="snort -dv -i "+ethDevice + " -l "+logLocal;
return startRules;
}
public static String startSnortNIDS(){
configLocal=getConfigLocal();
ethDevice=getEthDevice();
String startRules="snort -dv -i "+ethDevice+" -c "+configLocal+" -A fast -l "+logLocal;
return startRules;
}
控制器.class:
import java.util.*;
import java.io.*;
public class Controller {
public static Process exec(String[] command) throws IOException, InterruptedException{
Process p = Runtime.getRuntime().exec(command);
InputStream is = p.getInputStream();
BufferedReader reader = new BufferedReader(new InputStreamReader(is));
String line;
p.waitFor();
is.close();
reader.close();
p.destroy();
return null;
}
错误消息:
java.io.IOException: Cannot run program "/usr/sbin/": error=13, Permission denied
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
at java.lang.Runtime.exec(Runtime.java:620)
at java.lang.Runtime.exec(Runtime.java:485)
at Controller.exec(Controller.java:7)
at commandSender.makeComm(commandSender.java:21)
at GUI$3.mouseClicked(GUI.java:172)
at java.awt.AWTEventMulticaster.mouseClicked(AWTEventMulticaster.java:270)
at java.awt.Component.processMouseEvent(Component.java:6536)
at javax.swing.JComponent.processMouseEvent(JComponent.java:3324)
at java.awt.Component.processEvent(Component.java:6298)
at java.awt.Container.processEvent(Container.java:2236)
at java.awt.Component.dispatchEventImpl(Component.java:4889)
at java.awt.Container.dispatchEventImpl(Container.java:2294)
at java.awt.Component.dispatchEvent(Component.java:4711)
at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4888)
at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4534)
at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4466)
at java.awt.Container.dispatchEventImpl(Container.java:2280)
at java.awt.Window.dispatchEventImpl(Window.java:2746)
at java.awt.Component.dispatchEvent(Component.java:4711)
at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:758)
at java.awt.EventQueue.access$500(EventQueue.java:97)
at java.awt.EventQueue$3.run(EventQueue.java:709)
at java.awt.EventQueue$3.run(EventQueue.java:703)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:76)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86)
at java.awt.EventQueue$4.run(EventQueue.java:731)
at java.awt.EventQueue$4.run(EventQueue.java:729)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:76)
at java.awt.EventQueue.dispatchEvent(EventQueue.java:728)
at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:201)
at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:116)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:105)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:93)
at java.awt.EventDispatchThread.run(EventDispatchThread.java:82)
Caused by: java.io.IOException: error=13, Permission denied
at java.lang.UNIXProcess.forkAndExec(Native Method)
at java.lang.UNIXProcess.<init>(UNIXProcess.java:247)
at java.lang.ProcessImpl.start(ProcessImpl.java:134)
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1029)
... 37 more
我已经将java,javac,javaws和jar设置为777
您将数组{"/usr/sbin/", "snort -T -c /etc/snort/rules/local.rules"}传递给Runtime.getRuntime().exec(对于option==1的情况,对于其他情况也是如此)。
这是错误的,原因有两个:这个数组的第一个值需要指定要执行的命令,而不仅仅是它的目录,即它应该是/usr/sbin/snort的。此外,每个参数都需要是数组中自己的元素。
因此,数组总体上应如下所示:{"/usr/sbin/snort", "-T", "-c", "/etc/snort/rules/local.rules"}.我建议使用ArrayList通过附加您需要的所有值来构造命令行,然后使用list.toArray(new String[0]);从中创建数组。